public/http/sslcert/Get-SslCert.ps1
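function Get-SslCert {
    <#
    .SYNOPSIS
        Gets one or many sslcert bindings using netsh http show sslcert
    .DESCRIPTION
        Gets one or many sslcert bindings using netsh http show sslcert and parses them into a
        collection of [SslCert] objects for easier access to properties and their values.

        The output of netsh uses 'display names' for the properties which include spaces. So to
        access these on the resulting [SslCert] you must surround your property names with quotes
        like $sslcert.Properties.'Enable Token Binding'.

        Some common properties are parsed into friendly property names like IpPort, CertHash, and
        AppId. So you can get to the certificate thumbprint using $sslcert.CertHash instead of
        $sslcert.Properties.'Certificate Hash'
    .EXAMPLE
        PS C:\> Get-SslCert -IpPort 0.0.0.0:8998
        Gets the sslcert binding for IPPort 0.0.0.0:8998 including all of its extended properties.
    #>
    [CmdletBinding(DefaultParameterSetName='NoFilter')]
    [OutputType([SslCert])]
    param (
        # Specifies the IP address and port for the binding. Example: [fe80::1]:443, 1.1.1.1:443, 0.0.0.0:443, [::]:443
        [Parameter(ParameterSetName='IpPortFilter')]
        [string]
        $IpPort,

        # Specifies the hostname and port for the binding. Example: www.contoso.com:443
        [Parameter(ParameterSetName='HostnamePortFilter')]
        [string]
        $HostnamePort,

        # Specifies the ccs port for the binding. Example: 443
        [Parameter(ParameterSetName='CcsFilter')]
        [string]
        $Ccs
    )

    process {
        # Build the netsh arguments as an array and run netsh with the call operator.
        # The filter value is caller-supplied; passing it as one discrete argument means
        # PowerShell never parses it as script text, which a string handed to
        # Invoke-Expression would be (a value containing ';' or '$(...)' would execute).
        $netshArgs = @('http', 'show', 'sslcert')
        switch ($PSCmdlet.ParameterSetName) {
            'IpPortFilter' { $netshArgs += "ipport=$IpPort" }
            'HostnamePortFilter' { $netshArgs += "hostnameport=$HostnamePort" }
            'CcsFilter' { $netshArgs += "ccs=$Ccs" }
            Default {}
        }

        Write-Verbose "Executing the command 'netsh.exe $($netshArgs -join ' ')'"
        $output = & netsh.exe @netshArgs
        $success = $LASTEXITCODE -eq 0

        if ($success) {
            # Start from a clean state so same-named variables in a calling scope
            # cannot leak into the parse below.
            $sslcert = $null
            $obj = $null
            $extendedProperties = $null

            foreach ($row in $output) {
                # Skip blank rows, the listing banner and the dashed separator.
                if ([string]::IsNullOrWhiteSpace($row)) {
                    continue
                } elseif ($row.StartsWith('SSL Certificate bindings:')) {
                    continue
                } elseif ($row.StartsWith('-')) {
                    continue
                }

                $line = $row.Trim()

                # NOTE(review): only an 'IP:port' row opens a new binding record here;
                # confirm how listings filtered by hostnameport or ccs begin.
                if ($line.StartsWith('IP:port')) {
                    # Emit the binding collected so far before starting the next one.
                    if ($null -ne $sslcert -and $sslcert.Keys.Count -gt 1) {
                        Write-Verbose "Completed sslcert binding property collection for certificate with hash $($sslcert.'Certificate Hash')"
                        Write-Output ([sslcert]::new($sslcert))
                    }

                    Write-Verbose "Starting new sslcert binding property collection"
                    $extendedProperties = New-Object System.Collections.Generic.List[hashtable]
                    $obj = @{
                        'Extended Properties' = $extendedProperties
                    }
                    $sslcert = $obj
                }

                # Split on the first ' : ' separator only, so a value that itself
                # contains ' : ' stays a single string instead of becoming an array.
                $key, $value = $line -split '\s+:\s+', 2
                if ($null -eq $value) {
                    $value = [string]::Empty
                }

                # Each PropertyId row opens a new extended-property table; the rows
                # that follow are stored in it rather than in the binding itself.
                if ($key -eq 'PropertyId') {
                    Write-Verbose "Adding Extended Properties for PropertyId $value"
                    $obj = @{ }
                    $extendedProperties.Add($obj)
                }

                try {
                    $obj.$key = $value
                } catch {
                    Write-Error $_
                }
            }

            # Emit the last binding, which has no following 'IP:port' row to flush it.
            if ($null -ne $sslcert -and $sslcert.Keys.Count -gt 1) {
                Write-Verbose "Completed sslcert binding property collection for certificate with hash $($sslcert.'Certificate Hash')"
                Write-Output ([sslcert]::new($sslcert))
            }
        } else {
            # netsh reports its failure text on stdout; surface it as the error message.
            # @() keeps Join from failing when netsh produced no output at all.
            $output = [string]::Join("`r`n", @($output)).Trim()
            Write-Error "Error: $output"
        }
    }
}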